Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with unknown.. need help :(


  • Please log in to reply
1 reply to this topic

#1 irishdave

irishdave

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:11:58 AM

Posted 06 November 2009 - 11:18 AM

Please help me

I think I have been infected from sponsors of the site wtso.net. The site itself is clean but i think i have been infected via their sponsor sites. The problems started a day or two ago with a slow down in responsiveness and occasional flickering of my screen. yesterday i had what seemed like a failure in my graphics card, i updated the drivers and restarted my pc. when it came back the resolution was set to minimum. I cannot up the resolution. my antivirus says there are no infections but has submitted some files to eset for furthur evaluation. Trendmicro housecall found -> ADWARE_FASTERXP but i'm not sure if this is the only infection. since it cleaned the files the problems havent changed.

the infection mainly seems to target the graphics card/some sort of gfx related issue. Even on the boot menu there are odd pixels. the system works fine (seemingly). I can use everything it just looks ultra crappy. there are streaks of green pixels down my screen.

when i start adaware i get - exception EAccessViolation in module Ad-Aware.exe at 001F4B58. Access violation at address 005F4B58 in module ;Ad-Aware.exe' Read of Address 00000418

SYSTEM WIN XP SP3, GFX NVIDIA GEFORCE 8800GTS, INTEL Q6600. ESET ANTIVIRUS AND ZONE ALARMS FIREWALL. SPYWARE BLASTER, ADAWARE


DDS (Ver_09-10-26.01) - NTFSx86
Run by User at 14:51:24.79 on 06/11/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_15
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.3071.2423 [GMT 0:00]

AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
FW: COMODO Firewall Pro *disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Sonic\Sonic Solutions Product CD\RecordNow!\RecordNow.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\User\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.thedailynice.com/
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Veoh Browser Plug-in: {d0943516-5076-4020-a3b5-aefaf26ab263} - c:\program files\veoh networks\veoh\plugins\reg\VeohToolbar.dll
TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SetDefaultMIDI] MIDIDef.exe
uRun: [Google Update] "c:\documents and settings\user\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [CTAPR2] "c:\program files\creative\sound blaster x-fi\console launcher\CTAPR2.exe" /r
mRun: [VolPanel] "c:\program files\creative\sound blaster x-fi\volume panel\VolPanlu.exe" /r
mRun: [SPIRun] Rundll32 SPIRun.dll,RunDLLEntry
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Start WingMan Profiler] c:\program files\logitech\gaming software\LWEMon.exe /noui
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
uPolicies-explorer: NoControlPanel =
mPolicies-explorer: NoControlPanel =
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} - hxxp://support.f-secure.com/ols/fscax.cab
DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.2.100.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scan8/oscan8.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} - hxxp://www.systemrequirementslab.com/sysreqlab2.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1213638461109
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxp://t1.battlefield-heroes.com/patcher/westpatcher.cab
DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} - hxxp://www.ca.com/us/securityadvisor/virusinfo/webscan.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - hxxp://acs.pandasoftware.com/activescan/as5free/asinst.cab
DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - hxxp://ax.emsisoft.com/asquared.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://www.creative.com/softwareupdate/su2/ocx/15106/CTPID.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: winjyg32 - winjyg32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll

============= SERVICES / DRIVERS ===============

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-4-17 28544]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-2-6 106208]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2009-2-6 727720]
R3 t3;Sound Blaster X-Fi Xtreme Audio;c:\windows\system32\drivers\t3.sys [2008-8-14 735744]
R3 t3filt;t3filt;c:\windows\system32\drivers\t3filt.sys [2008-8-14 1656960]
S3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service;c:\program files\common files\creative labs shared\service\MT6Licensing.exe [2009-3-4 79360]
S3 Razerlow;Razer Copperhead Driver;c:\windows\system32\drivers\Razerlow.sys [2008-1-5 19020]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [2007-7-17 332928]
S3 SjyPkt;SjyPkt;\??\c:\windows\system32\drivers\sjypkt.sys --> c:\windows\system32\drivers\SjyPkt.sys [?]
S3 uisp;Freescale USB JW32 driver;c:\windows\system32\drivers\USBICP.sys [2008-1-5 14592]

=============== Created Last 30 ================

2009-11-05 15:24:52 0 d-----w- c:\program files\a-squared Free
2009-11-05 15:09:40 0 d-----w- c:\docume~1\alluse~1\applic~1\NVIDIA Corporation
2009-11-05 15:09:11 0 d-----w- c:\program files\NVIDIA Corporation
2009-11-02 13:03:33 0 d-----w- c:\program files\RealTimeRace
2009-10-30 11:19:25 0 d-----w- c:\docume~1\user\applic~1\AA Pass Your Test
2009-10-30 11:07:24 0 d-----w- c:\program files\AA Pass Your Test
2009-10-19 12:35:24 94208 ----a-w- c:\windows\system32\vbalIml6.ocx
2009-10-19 12:35:24 65536 ----a-w- c:\windows\system32\vbalIcoM6.dll
2009-10-19 12:35:24 40960 ----a-w- c:\windows\system32\SSubTmr6.dll
2009-10-19 12:35:24 233472 ----a-w- c:\windows\system32\XDockFloat.dll
2009-10-19 12:35:24 212240 ----a-w- c:\windows\system32\richtx32.ocx
2009-10-19 12:35:24 167936 ----a-w- c:\windows\system32\ccrpftv6.ocx
2009-10-19 12:35:23 0 d-----w- c:\program files\Veign
2009-10-19 12:31:35 0 d-----w- c:\program files\Oak Systems
2009-10-15 13:01:34 24440 ---ha-w- c:\windows\system32\mlfcache.dat
2009-10-12 14:51:36 0 d-----w- c:\program files\common files\Hewlett-Packard
2009-10-12 14:47:49 110415 ----a-w- c:\windows\hpoins11.dat
2009-10-12 14:47:31 6947 ----a-w- c:\windows\hpomdl11.dat
2009-10-12 14:25:10 38400 ----a-w- c:\windows\system32\hpz3l054.dll
2009-10-12 14:24:12 94208 ----a-w- c:\windows\system32\HPZipt12.dll
2009-10-12 14:24:12 69632 ----a-w- c:\windows\system32\HPZipm12.exe
2009-10-12 14:24:12 65536 ----a-w- c:\windows\system32\HPZinw12.exe
2009-10-12 14:24:12 57344 ----a-w- c:\windows\system32\HPZisn12.dll
2009-10-12 14:24:12 282680 ----a-w- c:\windows\system32\HPZidr12.dll
2009-10-12 14:24:12 204800 ----a-w- c:\windows\system32\HPZipr12.dll
2009-10-12 14:23:35 0 d-----w- c:\program files\HP
2009-10-12 14:20:37 49664 ----a-w- c:\windows\system32\drivers\HPZid412.sys
2009-10-12 14:20:37 21568 ----a-w- c:\windows\system32\drivers\HPZius12.sys
2009-10-12 14:20:37 16496 ----a-w- c:\windows\system32\drivers\HPZipr12.sys
2009-10-12 14:20:31 98304 ----a-w- c:\windows\system32\hpzjsn01.dll
2009-10-12 14:20:31 827392 ----a-w- c:\windows\system32\hpotiop2.dll
2009-10-12 14:20:31 77824 ----a-w- c:\windows\system32\HPZIDS01.dll
2009-10-12 14:20:31 659456 ----a-w- c:\windows\system32\hpowiax2.dll
2009-10-12 14:20:31 282624 ----a-w- c:\windows\system32\HPZc3212.dll
2009-10-12 14:20:31 254026 ----a-w- c:\windows\system32\hpovst09.dll
2009-10-12 14:06:48 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-10-12 14:06:48 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys

==================== Find3M ====================

2009-11-06 12:45:17 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2009-11-06 12:45:15 0 ----a-w- c:\windows\system32\drivers\logiflt.iad
2009-11-04 21:24:00 138936 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-11-04 21:22:44 214504 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-10-01 09:29:14 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-09-27 18:19:52 3674112 ----a-w- c:\windows\system32\nvwssr.dll
2009-09-27 16:12:22 888832 ----a-w- c:\windows\system32\nvapi.dll
2009-09-27 16:12:22 7655872 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-09-27 16:12:22 5900416 ----a-w- c:\windows\system32\nv4_disp.dll
2009-09-27 16:12:22 2194024 ----a-w- c:\windows\system32\nvcuvid.dll
2009-09-27 16:12:22 2007040 ----a-w- c:\windows\system32\nvcuda.dll
2009-09-27 16:12:22 1714792 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-09-27 16:12:22 170600 ----a-w- c:\windows\system32\nvcodins.dll
2009-09-27 16:12:22 170600 ----a-w- c:\windows\system32\nvcod.dll
2009-09-27 16:12:22 1604482 ----a-w- c:\windows\system32\nvdata.bin
2009-09-27 16:12:22 10756096 ----a-w- c:\windows\system32\nvoglnt.dll
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 08:08:21 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-28 18:42:52 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-14 13:36:18 70936 ----a-w- c:\windows\system32\PhysXLoader.dll
2009-04-29 23:29:27 29184 --sha-w- c:\program files\Thumbs.db
2008-05-18 15:29:00 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008051820080519\index.dat

============= FINISH: 14:53:09.00 ===============




ESET

Scan Log
Version of virus signature database: 4577 (20091105)
Date: 06/11/2009 Time: 05:00:49
Scanned disks, folders and files: Operating memory;C:\Boot sector;C:\;D:\Boot sector;D:\
C:\pagefile.sys - error opening [4]
C:\Documents and Settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Nokia_PC_Suite_rel_7_0_8_2_eng.exe 7ZIP Packages/Nokia_PC_Suite/Setup/Nokia_PC_Suite.msi MSI Data1.cab CAB bkmrksync.xpi ZIP chrome.manifest MIME - is OK (internal scanning not performed)
C:\Documents and Settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Nokia_PC_Suite_rel_7_0_8_2_eng.exe 7ZIP Packages/Nokia_PC_Suite/Setup/Nokia_PC_Suite.msi MSI Data1.cab CAB pcsuite_eng.chm CHM /#BSSCMF MIME - is OK (internal scanning not performed)
C:\Documents and Settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Nokia_PC_Suite_rel_7_0_8_2_eng.exe 7ZIP Packages/Nokia_PC_Suite/Setup/Nokia_PC_Suite.msi MSI CommunicationCentre.cab CAB Comms_eng.chm CHM /#BSSCMF MIME - is OK (internal scanning not performed)
C:\Documents and Settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Packages\Nokia_PC_Suite\Setup\Nokia_PC_Suite.msi MSI Data1.cab CAB bkmrksync.xpi ZIP chrome.manifest MIME - is OK (internal scanning not performed)
C:\Documents and Settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Packages\Nokia_PC_Suite\Setup\Nokia_PC_Suite.msi MSI Data1.cab CAB pcsuite_eng.chm CHM /#BSSCMF MIME - is OK (internal scanning not performed)
C:\Documents and Settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Packages\Nokia_PC_Suite\Setup\Nokia_PC_Suite.msi MSI CommunicationCentre.cab CAB Comms_eng.chm CHM /#BSSCMF MIME - is OK (internal scanning not performed)
C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\m5szpc4e.default\extensions\bkmrksync@nokia.com\chrome.manifest MIME - is OK (internal scanning not performed)
C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\m5szpc4e.default\extensions\piclens@cooliris.com\chrome.manifest MIME - is OK (internal scanning not performed)
C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\m5szpc4e.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome.manifest MIME - is OK (internal scanning not performed)
C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\m5szpc4e.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}\chrome.manifest MIME - is OK (internal scanning not performed)
C:\Documents and Settings\User\Application Data\Thunderbird\Profiles\reuhfuvb.default\Mail\Local Folders\Drafts MBOX - is OK (internal scanning not performed)
C:\Documents and Settings\User\Application Data\Thunderbird\Profiles\reuhfuvb.default\Mail\Local Folders\ESET Antispam MBOX - is OK (internal scanning not performed)
C:\Documents and Settings\User\Application Data\Thunderbird\Profiles\reuhfuvb.default\Mail\Local Folders\Inbox MBOX - is OK (internal scanning not performed)
C:\Documents and Settings\User\Application Data\Thunderbird\Profiles\reuhfuvb.default\Mail\Local Folders\Sent MBOX - is OK (internal scanning not performed)
C:\Documents and Settings\User\Application Data\Thunderbird\Profiles\reuhfuvb.default\Mail\Local Folders\Trash MBOX - is OK (internal scanning not performed)
C:\Documents and Settings\User\Application Data\Thunderbird\Profiles\reuhfuvb.default\Mail\mail.hundredstensunits-1.com\Drafts MBOX - is OK (internal scanning not performed)
C:\Documents and Settings\User\Application Data\Thunderbird\Profiles\reuhfuvb.default\Mail\mail.hundredstensunits-1.com\ESET Antispam MBOX - is OK (internal scanning not performed)
C:\Documents and Settings\User\Application Data\Thunderbird\Profiles\reuhfuvb.default\Mail\mail.hundredstensunits-1.com\Inbox MBOX - is OK (internal scanning not performed)
C:\Documents and Settings\User\Application Data\Thunderbird\Profiles\reuhfuvb.default\Mail\mail.hundredstensunits-1.com\Sent MBOX - is OK (internal scanning not performed)
C:\Documents and Settings\User\Application Data\Thunderbird\Profiles\reuhfuvb.default\Mail\mail.hundredstensunits-1.com\Trash MBOX - is OK (internal scanning not performed)
C:\Documents and Settings\User\Application Data\Thunderbird\Profiles\reuhfuvb.default\Mail\mail.hundredstensunits-2.com\Inbox MBOX - is OK (internal scanning not performed)
C:\Documents and Settings\User\Application Data\Thunderbird\Profiles\reuhfuvb.default\Mail\mail.hundredstensunits-2.com\Sent MBOX - is OK (internal scanning not performed)
C:\Documents and Settings\User\Application Data\Thunderbird\Profiles\reuhfuvb.default\Mail\mail.hundredstensunits-2.com\Trash MBOX - is OK (internal scanning not performed)
C:\Documents and Settings\User\Application Data\Thunderbird\Profiles\reuhfuvb.default\Mail\pop.googlemail.com\Drafts MBOX - is OK (internal scanning not performed)
C:\Documents and Settings\User\Application Data\Thunderbird\Profiles\reuhfuvb.default\Mail\pop.googlemail.com\ESET Antispam MBOX - is OK (internal scanning not performed)
C:\Documents and Settings\User\Application Data\Thunderbird\Profiles\reuhfuvb.default\Mail\pop.googlemail.com\Inbox MBOX - is OK (internal scanning not performed)
C:\Documents and Settings\User\Application Data\Thunderbird\Profiles\reuhfuvb.default\Mail\pop.googlemail.com\Sent MBOX - is OK (internal scanning not performed)
C:\Documents and Settings\User\Application Data\Thunderbird\Profiles\reuhfuvb.default\Mail\pop.googlemail.com\Trash MBOX - is OK (internal scanning not performed)
C:\Documents and Settings\User\Desktop\a2FreeSetup.exe INNO files.info - file is not an archive
C:\Documents and Settings\User\Desktop\Hundreds Tens Units BACKUP.part1.rar RAR Hundreds Tens Units\Design\Image Bank\RESOLVED\jugrenderinginterior.tif - next archive volume not found
C:\Documents and Settings\User\Desktop\Uni Work BACKUP.part01.rar RAR Uni Work\MODULES\Completed Modules\206TPD Design in Context\main research\reference\monday 1st may\360\PICT0081.JPG - next archive volume not found
C:\Documents and Settings\User\Desktop\Lith's Font Pack for Design\Fonts 5 - BigMuthaPack\Misc files\CONTENTS.TXT MIME - is OK (internal scanning not performed)
C:\Documents and Settings\User\Desktop\Lith's Font Pack for Design\Fonts 5 - BigMuthaPack\Misc files\rep.txt MIME - is OK (internal scanning not performed)
C:\Documents and Settings\User\Local Settings\Application Data\Identities\{0F77D7E1-A35F-4CCF-A231-8A3BBE63F443}\Microsoft\Outlook Express\Inbox.dbx DBX - is OK (internal scanning not performed)
C:\Documents and Settings\User\My Documents\Battlefield 2\Profiles\0001\Controls.con MIME - is OK (internal scanning not performed)
C:\Documents and Settings\User\My Documents\Battlefield 2142\Profiles\0001\Controls.con MIME - is OK (internal scanning not performed)
C:\Documents and Settings\User\My Documents\Battlefield Heroes\Controls.con MIME - is OK (internal scanning not performed)
C:\Documents and Settings\User\My Documents\Downloads\SimCity 4 Deluxe\CD Images\CD1\SimCity 4 Deluxe CD1.iso ISO es_eula.txt MIME - is OK (internal scanning not performed)
C:\Documents and Settings\User\My Documents\Downloads\SimCity 4 Deluxe\CD Images\CD1\SimCity 4 Deluxe CD1.iso ISO fr-fr_eula.txt MIME - is OK (internal scanning not performed)
C:\Documents and Settings\User\My Documents\Downloads\SimCity 4 Deluxe\CD Images\CD1\SimCity 4 Deluxe CD1.iso ISO it_eula.txt MIME - is OK (internal scanning not performed)
C:\Documents and Settings\User\My Documents\Downloads\SimCity 4 Deluxe\CD Images\CD1\SimCity 4 Deluxe CD1.iso ISO pt-br_eula.txt MIME - is OK (internal scanning not performed)
C:\Documents and Settings\User\My Documents\My Videos\Veoh\AppBackup\Plugins\noreg\videofinder4\chrome.manifest MIME - is OK (internal scanning not performed)
Scan terminated by user!
Number of scanned objects: 293511
Number of threats found: 0
Time of completion: 09:10:09 Total scanning time: 14960 sec (04:09:20)

Notes:
[4] Object cannot be opened. It may be in use by another application or operating system.

Attached Files



BC AdBot (Login to Remove)

 


#2 kahdah

kahdah

  • Security Colleague
  • 11,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:07:58 AM

Posted 11 November 2009 - 05:15 AM

Hello irishdave

Welcome to BleepingComputer :(
==========================
Hi this is just a failing Video card.
I would look inside of the case and check for any bulging compacitors on the card or it may just need to be replaced.
Either way you are not infected.

If you need futher assistance you can start a topic here in this forum:
http://www.bleepingcomputer.com/forums/f/7/internal-hardware/
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users